Presented at ToorCon San Diego 20 (2018)
Sept. 15, 2018, noon
IoT botnets are deployed heavily to carry out nefarious activities, compromising the integrity of IoT devices to launch sophisticated targeted or broad-based attacks. IoT botnets have greatly enhanced cybercrime operations, making it easier for attackers to carry out unauthorized activities on the Internet. In this talk, Aditya will present an empirical analysis and characteristic study of IoT botnets to understand their design, architecture, and associated operations. Code samples will be dissected to highlight the nefarious operations performed by IoT bots. The study covers analysis of multiple IoT botnet families.
This paper presents an empirical analysis of six botnet families to draw a comparative analysis of widely known IoT botnets. The study not only provides deep insights into the working behavior of IoT botnets but also highlights the preventive measures to be taken to defend against them. The talk encompasses the following:
· We conducted an analytical study of more than six IoT botnet families to better understand the various techniques deployed to abuse and exploit IoT devices. This includes analysis of protocols, network communication, anti-detection strategies, bricking of devices, data exfiltration and others. The mapping of the characteristic analysis provides a broad picture of the state of IoT botnets.
· Our empirical study demonstrates how IoT botnets have been configured and deployed in the last few years, and how they have been used to launch attacks against users by abusing IoT devices running insecurely on the Internet.
· Finally, we highlight strategies that can be deployed for detecting and preventing IoT communications.
The audience will learn how IoT botnets are designed and operated, including the advanced techniques being followed. The threat intelligence provided during this talk will enhance the existing state of IoT-specific detection and prevention algorithms. The audience will also learn from the real-world code samples discussed in this talk.
Aditya K Sood
Aditya K. Sood is an information security practitioner and researcher by profession. He has research interests in malware automation and analysis, cloud security, secure software design, and cybercrime research. He is also the founder of SecNiche Security Labs, an independent web portal for sharing research with the security community. Currently, he directs the security efforts for the cloud security division at Symantec. He obtained his Ph.D. in computer science from Michigan State University.